WORLD INTELLECTUAL PROreRTY ORGANIZATION 
Intemationa] Bureau 




PCX 

INTERNATIONAL APPUCATIQN PUBUSHED UNDER THE PATCNT COOPERATION TREATY (PCT) 



(51) International Patent Classification 7 : 
G07F 7A0 // 19:00 



Al 



(11) International Publication Number: 
(43) International Publication Date: 



WO 00/31699 

2 June 20(X) (02.06.00) 



(21) International Application Number: PCT/IB 99/0 1844 

(22) International Filing Date: 19 November 1999 (19.1 1.99) 



(30) Priority Data: 
98/6510 



22 November 1 998 (22. 1 1 .98) ZA 



(71) Applicant (for all designated States exc ept U S): EASY 

CHARGE CELLULAR (PTY) LIMITED [ZA/ZA); 
Grayston Ridge Office Park, Block B, 144 Katherine Street. 
2146 Sandton (ZA). 

(72) Inventors; and 

(75) Inventors/Applicants (for US only): LEPTON, David, Ian 
[ZA/ZA]; 24 Hydewoods. Townshend Road, Hyde Park, 
2196 Johannesburg (ZA). GRIFFIN, Michael, John 
[ZA/ZA]; 14 Molope Street, Randpark Ridge, Randburg, 
2194 Johannesburg (ZA). 

(74) Agent: LE ROUX, Marias; D.M. Kisch Inc.. P.O. Box 781218. 
2146 Sandton (ZA). 



(81) Designated States: AE. AL, AM, AT, AU, AZ, BA, BB, BG, 
BR, BY, CA, CH, CN, CR, CU, CZ, DE, DK, DM, EE, 
ES. PL GB, GD, GE, GH, GM, HR, HU, ID, IL, IN, IS, JP, 
KE, KG. KP, KR, KZ, LC. LK. LR, LS, LT, LU. LV, MA, 
MD, MG, MK. MN. MW, MX, NO, NZ, PL, PT, RO, RU, 
SD. SE. SG. SI, SK, SL, TJ. TM, TR, TT, TZ, UA, UG. 
US, UZ, VN. YU, ZA, ZW, ARIPO patent (GH, GM, KE, 
LS, MW, SD, SL, SZ, TZ, UG, ZW), Eurasian patent (AM. 
AZ, BY, KG, KZ, MD. RU, TJ, TM). European patent (AT. 
BE. CH, CY. DE. DK, ES. R, FR. GB, GR. IE, IT. LU, 
MC, NL. PT. SE), OAPI patent (BP. BJ, CP, CG, CI. CM. 
GA, GN. GW, ML. MR. NE, SN. TD, TG). 



Published 

With international search report. 



(54) Title: METHOD OF. AND APPARATUS FOR, CONDUCTING ELECTTRONIC TRANSACTIONS 




(57) Abstract 

This invention provides a method of conducting electronic transactions comprising the steps of: storing an encryption key in a memory 
means of a mobile telephone; selecting a financial transaction with the mobile telephone from a number of available financial transactions; 
providing transaction information; generating a transaction message from the selected financial transaction and transaction information; 
encrypting at least part of the transaction message; and transmitting tiie transaction message from tiie mobile telephone, oyer a wireless 
network. The invention extends to a mobile telephone having input means for inputtmg transaction information and for selecting a financial 
transaction from a number of available financial transactions; memory means for storing at least an encryption key; generating means for 
generating an at least partially encrypted transaction message from tiie transaction infomation. infoimation relating to die selected financial 
transaction and the encryption key; and transmission means for transmitting the message over a wireless network. 
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METHOD OF, AND APPARATUS FOR, CONDUCTING ELECTRONIC 

TRANSACTIONS 

Technical Field 

5 This invention relates to a method of, and apparatus for, conducting electronic 
transactions and more particularly, but not exclusively, to a method of and apparatus for 
conducting secure electronic transactions over a telephone network, such as a cellular 
telephone network. 

10 Background Art 

The use of telephones to conduct electronic financial transactions is well known in the 
art Most commonly, Duel-Tone Multi-Frequency (DTMF) communication protocols of 
telephones are used to provide customers with access to banking services. This type of 
facility is only available to customers of a partictilar financial institution. Thus, only a 
15 closed system is available and customers have to link third party accounts to their 
financial institutions to, for example, transfer funds to third party accounts. 

The linking of third party accounts provides security in that customers do not have to 
manually enter third party account numbers every time a third party account is paid. 
20 Incorrect entry of account numbers is avoided by linking third party accounts to a 
customer's financial institution. This linking process is cumbersome and limiting for 
customers and financial institutions and only linked accoxmts can be paid by customers. 

25 Telephonic banking further provides for the purchase of goods or sen^ices by quoting a 
credit card number. In this case the credit card is not physically available to a merchant 
to read the card magnetically or to make a manual print or copy and this creates a 
difficulty from a security and authorisation perspective. With credit card transactions, the 
customer's financial institution pays the merchant or third party and accepts at least 
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partial liabiUty in the case that the customer does not pay their credit card account. This 
type of transaction is also commonly used to purchase goods on the Internet Pre-paid 
cellular airtime can also be purchased over a cellular telephone by providing a credit card 
number. Goods and services purchased are limited to those provided by a ceUular service 
5 provider or those available on the Internet and, as stated above, a difficulty arises in that 
the financial institution incurs liability for payment. 

AutomaticTeller Machines (ATM's) provide a means for secure electronic banking. At 
an ATM, a card reader reads a bank card and a secret Personal Identification Number 
1 0 (PIN) is provided by a customer to authorise the transaction. Transaction messages are 
sent to switches or directly to banks or other financial institutions. These transaction 
messages are encrypted at a security level that is acceptable to financial institutions. 
ATMs are not readily accessible and are installed in fixed locations. Customers are also 
restricted at an ATM in that they cannot pay accounts which are not linked to their 
15 banking profile. 

Objective of the Invention 

It is an object of this invention to provide a method of; and apparatus for, conducting 
electronic transactions which, at least partiaUy, alleviates some of the abovementioned 
20 difficulties. 

Disclosure of the Invention 

In accordance with this invention there is provided a method of conducting electronic 
transactions comprising the steps of: 
25 storing an encryption key in a memory means of a mobile telephone; 

selecting a financial transaction with the mobile telephone from a number of available 
financial transactions; 

providing transaction information; 

generating a transaction message fi-om the selected financial transaction and transaction 
0 information; 
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encrypting at least part of the transaction message; 
. transmitting the transaction message from the mobile telq>hone, over a wireless network. 

A further feature of the invention provides for the transaction message to be transmitted 
5 from the mobile telephone to a receiving station such as a bank or a switch- 

A still further feature of the invention provides for the mobile telephone to be a cellular 
telq^hone or a satellite telephone. 

0 There is also provided for the transaction information to include at least one bank account 
number or bank card number and an associated PIN: 

Further features of the invention provide for the transaction message to include 
information relating to the selected transaction, a bank account number or bank card 
number and the PIN; for at least the PIN to be encrypted; and for the transaction message 
to include error check information to facilitate the authentication of the mobile telephone 
or SIM card at the receiving station and to facilitate the validation of the integrity of the 
message at the receiving station. 

There is still further provided for the memory means to be a SIM card or to be an 
Integrated Circuit (IC) memory chip or a microprocessor. 

Further features of the invention provide for an encryption algorithm to be stored on the 
memory means; and for copies of the encryption algorithm and the encryption key to be 
stored at the switch or the financial institution. 

The invention extends to a mobile telephone having input means for inputting transaction 
information and for selecting a financial transaction from a number of available financial 
transactions; 

memory means for storing at least an encryption key; 



wo 00/31699 



4 



PCT/IB99/01844 



generating means for generating an at least partially encrypted transaction message fiom 
the transaction information, information relating to the selected financial transaction and 
the encryption key; and 

transmission means for transmitting the message over a wireless network. 

There is provided for the memoiy means to be a SIM card; alternatively, for the memory 
means to be an Integrated Cfa-cuit (IC) memoiy chip or a microprocessor. 

There is provided for at least some of the transaction information, such as a bank account 
number or a bank card number, to be stored on the memory means. 

There is provided for an encryption algorithm to be stored in the memoiy means and for 
the encryption algorithm to generate a new encryption key for each new encryption 
message generated. 

A further feature of the invention provides for error check information to be transmitted 
with the message. The error check information facilitates the validation of the integrity 
of a transaction message received by a receiving station and also facilitates the 
authentication of the mobile phone or SIM card fi-om Which the message is received at the 
i-eceiving station. 

Further features of the invention provide for the receiving station to be a switch or a 
.financial institution; and 

for the financial institution or ^tch to effect a fmancial transaction in response to 
receiving the message. 

These and other features of the invention are described in more detail below. 
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Brief Description of the Drawing 

A preferred method and embodiment of tbe invention is described below by way of 
example only, and with reference to the accompanying drawing, which shows a 
schematic block diagram of a method of and apparatus for conducting electronic 
transactions. 

Best Mode of Carrying out the Invention 

With reference to the accompanying drawing, a method for conducting an electronic 
transaction is shown schematically, and apparatus for use in the method are generally 
indicated by reference numeral 10. 

The method utilises and includes the following apparatus: a switch 12 which houses a 
secure translator 14, a point of sale (POS) terminal 16, a mobile telephone such as a 
cellular telephone 18, a financial institution 20 and at least one content provider 22. 

The switch 12 is connected to at least one cellular telephone 18 via a cellular telephone ' 
network and is further coimected by means of a fixed land-based communication line to 
at least one financial institution 20 and at least one POS terminal 16. 

The content providers 22 subscribe to the services of the switch 12, which provides a user 
of a cellular telephone 18 with the means to conduct a secure electronic transaction 
between a content provider 22 and a fiiumcial institution 20. The switch 12 has the 
facility to receive transaction messages transmitted over a cellular telephone network by a 
cellular telephone 18 and forward the messages to a financial institution 20 with the 
instmctions necessary to effect a transaction involving a particular content provider 22 in 
accordance with the transaction message. Furthermore, a transaction message received 
by the switch 12 contains enciypted information which is translated, by the translator 14, 
into an encryption format that the financial institution 20 will have the means to interpret. 
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A SIM card of the cellular telephone 18 has an initial encryption key and an encryption 
algorithm stored thereon as described below. A unique initial encryption key is generated 
by the switch 12 to be associated with a specific SIM card during the manufacture of the 
SIM cards. Transportation of a database of initial encryption keys to a manufacturer of 

5 the SIM cards takes place in at least to distinct separate paths. Each initial encryption key 
is divided into at least two parts so that each part of an initial encryption key is rendered 
useless by itself These divided parts are then transported via the two paths so that the 
transportation from the switch to the manufecturer of the initial encryption keys is secure. 
The initial encryption keys are reassembled on arrival at the manufacturer of the SIM 

D cards where a particvdar initial encryption key is stored on a secure zone of a particular 
SIM card during the manufacturing process.. A database of initial encryption keys and 
corresponding SIM identities is stored securely within translator 14 resident at the switch 
■ 12. , 

i In addition to the installation of the initial encryption key on a SIM card an encryption 
algorithm is also stored on the SIM cards. The encryption algorithm is used to encrypt 
transaction messages' with the use of encryption keys. Transaction messages are 
transmitted from the cellular telephone 18 and consist of a bank account number or bank 
card number and an associated PIN (referred to in this specification as the 'transaction 
information") and infonnation relating to a selected transaction from a number of 
available choices. A menu of available choices may be displayed on a screen of the 
cellular telephone 18 or may be made available in any convenient manner such as in 
printed fonnat The transaction message is generated by a generating means in the 
mobile tel^hone. The generating means can be software stored in the memory means or 
can be dedicated hardware for generating transaction messages or a combination of both 

Once a customer has purchased a SIM card for use m a cellular telephone, a registration 
process is required in order to initialize a secure transaction facility. The registration 
process involves storing a user's banking details such as the user's bank account or bank 
card number on a secure zone of the SIM card. It is envisaged that this will take place at 
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the POS tenninal 16. Customers swipe the bank card through a magnetic strip reader at 
the POS tenninal 16 thereby enabling the POS terminal li6 to access their banking details. 
The POS tenninal 16 then stores the banking details in a secure zone on the SIM card. A 
request for the registration of this particular SIM card identity within the system is 
transmitted to the switch 12 from the POS terminal 16. It will be appreciated that the 
banking details of a user can be transmitted for storage on the SIM card over a cellular 
network or can be stored on the SIM card by inserting the SIM card into a writer at the 
POS terminal 16. 

On receipt of the registration request message, the switch 12 validates the integrity of the 
information received using enor check information that authenticates the POS tenninal 
16 and SIM card before returning a response message that is enciypted using the same 
initial encryption key. The enor check information is transmitted with all messages that 
are transmitted in the system. The error check information allows for checking of both 
the validity of the source of a message and the conectness of a received message. 

The SIM card now validates the accuracy of the response message from the switch 12. 
Both the switch 12 and SIM card, using information from both the request and response 
^messages, update the initial encryption key using the encryption algorithm for use in the 
next transaction. Using an algorithm common to the SIM card and the switch, a new 
encryption key is derived for each new message in the system. An encryption technique 
such as this will ensure a different encryption key for each transaction message of each 
individual cellular telephone. 

After registration, the cellular telephone provides a user interface that enables the user to 
select from a menu of financial transactions. This functionality, i.e. the stmcture and 
content of the menu, is provided in the cellular telephone firmware, using a SIM toolkit, a 
Wireless Application Protocol (WAP) interface or a means provided in another format 
such as printed hardcopy format as described above. A hardcopy menu will have 
numbers corresponding to available, financial transactions for keying the nmnhers into the 
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input means or keypad of the mobile telephone. It wiU be appreciated that the input 
means can be electronic input means as opposed to being a keypad. 

The user is prompted to select a transaction as weU as a bank account or card from their 
5 banking profiles. As with transactions initiated at an Automatic Teller Machine (ATM) 
terminal, a bank Personal Identification Number (PIN) is requested from user to authorise 
the transaction. Once the transaction information has been obtained from the user, a 
transaction message is genCTated and transmitted via a cellular network to the switch 12. 
The transaction message comprises an encrypted bank PIN, which is a product of the 
1 0 newly generated encryption key, information relating to the selected transaction as well 
as transaction information together with error check information. 

In this embodiment, the transport mechanism for the transaction message is a Short 
Message Service (SMS). On receiving the transaction message the switch 12 validates 
15 the accuracy of the transaction message by utilising the error check information and 
relays the instruction to the appropriate content provider 22 and/or financial institution 
20. Information of a financial settlement is forward to a financial institution 20 after 
translation thereof by the translator 14 to an encrypted message with an encryption key 
that it has in common with the financial institution. All transaction messages are sent and 
20 forwarded together with error check information to ensure successfiil and accurate 
transmission and receipt. 

The method of conducting electronic transactions described herein is a secure method in 
that at least part of the information transmitted from the mobile telephone 18 is encrypted 
25 and cannot be read if it is fiiaudulently intercepted. The translator used at the switch 12 is 
secure in that the translation process cannot be accessed or read and the translator itself 
cannot be opened to access the information therein. A translator as is known in the art is 
used. Such a translator will erase all information if it is tampered with and no electronic 
access to the translation process from outside such a translator is possible. 

30 
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The infonnation transmitted from the switch to a financial institution or to a content 
provider is also enciypted and can not be understood if intercepted. 

The transaction method is secure and customers using a mobile telephone can pay any 
third party accoxmts from their mobile telephones. Third party accounts do not have to be 
linked to a customer's banking profile to transfer fiinds to these accounts. Third parties 
subscribe to the services of the switch 12 and do not have to be hnked to a financial 
institution. 

The invention is not limited to the precise details as described herein. For example, 
instead of the switch 12 being in fixed land-based communication wifli a financial 
institution 20 or content provider 22, the switch 12 can be in wireless communication 
with a financial institution 20 or content provider 22, Also, the memory means can be an 
integrated circuit memoiy chip or a microprocessor having embedded memory instead of 
being a SIM card. The mobile phone used can be a cell phone as is known in the art or 
can be a satellite telephone any other portable device capable of accessing a wireless 
communication network. It is also xumecessaiy to store bank account numbers or bank 
card nimibers on the memory means of the mobile telephone. These may be manually 
entered using the input means of a mobile terminal or keypad of a mobile telephone. 
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CLAIMS 

1. A method of conducting electronic transactions comprising the steps of: storing an 
encryption key in a memory means of a mobile telephone; selecting a financial 
transaction with the mobile telephone from a number of available financial 
transactions; providing transaction information; generating , a transaction message 
from the selected financial transaction and transaction information; encrypting at least 
part of the transaction message; transmitting the transaction message from the mobile 
telephone, over a wireless network. 

2. A method as claimed in claim 1 in which the transaction message is transmitted from 
the mobile telephone to a receiving station. 

3. A method as claimed in claim 2 in which the receiving station is a bank. 

4. A method as claimed in claim 2 in which the receiving station is a switch. 

5. A method as claimed in any one of the preceding claims in which the mobile 
telq>hone is a cellular telephone or a satellite telephone. 

6. A method as claimed in any one of the preceding claims m which the transaction 
information includes at least a PIN. 

7. A method as claimed in claim any one of claims 1 to 5 in which the transaction 
information includes at least one bank account number or bank card number. 

8. A method as claimed in claim 7 wherein the bank card number or the bank account 
mmiber is stored in the memory means. 
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9- A method as claimed in any one of the preceding claims in which the transaction 
message includes information relating to the selected transaction, a bank account 
number and a PIN. 

10. A method as claimed in any one of claims 1 to 7 in which the transaction message 
includes infomiation relating to the selected transaction, a bank card munber and a 
PIN.. 

11. A method as claimed in claim 8 or 9 in which at least the PIN is encrypted before 
transmission of the transaction message. 

12. A method as claimed in any one of the preceding claims in which the transaction 
message includes error check infomiation to facilitate the validation of the integrity of 
the transmitted message and to facilitate the authentication of the source from which 
the message is transmitted. 

13. A method as claimed in any one of the preceding claims in which the memory means 
is a SIM card. 

14. A method as claimed in any one of claims 1 to 12 in which the memory means is an 
Integrated Circuit (IC) memory chip. 

15. A method as claimed in any one of claims 1 to 12 in which the memory means is a 
microprocessor. 

16. A method as claimed in any one of the preceding claims in which an encryption 
algorithm is stored on the memory means. 

17. A method as claimed in claim 16 in which copies of the ericryption algorithm and the 
encryption key are stored at the switch. 
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18. A method as claimed in claim 16 in which copies of the encryption algorithm and the 
encryption key are stored at the financial institution. 

5 19. A mobile telephone having input means for inputting transaction information and for 
selecting a financial transaction ftom a number of available financial transactions; 
memory means for storing at least an encryption key, generating means for generating 
an at least partially encrypted fransaction message &om the transaction information, 
infonnation relating to the selected financial transaction and tiie encryption key; and 
1 0 tiiansmission means for ti-ansmitting tiie message over a wireless network. 

20. A mobile telephone as claimed in claim 19 in which tiie memory means is a SIM 
card. 

15 2h A mobile telephone as claimed in claim 19 in which tiie memory means is an 
Integrated Circuit (IC) memory chip. 

22. A mobile telq)hone as claimed in claim 19 in which tiie memory means is a 
microprocessor. 



0 



23. A mobile telephone as claimed in any one of claim 19 to 22 in which an encryption 
algorithm is stored in the monory means. 

24. A mobile tel^hone as claimed in claim 23 in which tiie encryption algoritiim 
generates a new encryption key for each new fmancial transaction selected and 
subsequent transaction message generated. 

25. A mobile telephone as claimed in any one of claim 19 to 23 in which error check 
infonnation is transmitted with the transaction message. 
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26. A mobile telephone as claimed in claim 25 in which the error check information 
facilitates the authentication of the mobile telephone or SIM card and facilitates the 
validation of the integrity of the transaction message. 

5 27. A mobile telephone as claimed in any one of claims 19 to 26 wherein the mobile 
phone transmits a transaction message to a receiving station. 

28. A mobile phone as claimed in any one of claims 18 to 26 wherein the mobile 
telq)hone transmits a transaction message to a financial institution. 

10 

29, A mobile telephone as claimed in claim 27 in which the telephone transmits a 
transaction message to a switch or to a financial institution acting as a receiving 
station. 

15 30. A mobile telephone as claimed in claim 19 in which transaction information including 
a bank account number or bank card number but excluding a PIN is stored in the 
memory means. 
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